The Convergence between Security Systems & IT Networking

It wasn’t so long ago that deploying a CCTV system involved a number of cameras, a roll of coax and a digital video recorder (DVR). If an access control system was required, that made a standalone system that used twisted pair for the card reader and door strike, and the integration between the two systems was extremely limited.

Today’s security systems have dramatically evolved and offer far greater functionality. They are truly integrated, and the integration lies not only between the different elements of the security system but extends to other systems as well; for instance, an access control system is integrated with the payroll and human resources systems for time and attendance information.

The drivers for this integration or convergence are two-fold – first being the advances in technology that have enabled these systems to move from standalone to fully integrated ones, especially the standardization in the digitization, encapsulation and transmission of information. The second driver is the rising demand from customers for platforms that deliver greater functionality or improved efficiency, or both.

As information from access control, CCTV, building management systems (BMS) and other associated platforms has evolved from analog to digital; they can easily be transported over modern communication systems. These communication systems include local networks where Category 5, 6 or 7 unshielded twisted pair (UTP) is commonly used, or where distance is the limiting factor, fibre may be used. Wireless technology is also becoming increasingly popular for temporary installations, or where deployment of copper or fibre infrastructure is either impractical or cost prohibitive.

All of these physical mediums have one thing in common that they are used to deliver connectivity between devices or components of an integrated security system. These devices can include cameras, encoders, card readers, access control panels, servers, storage and workstations, to name a few. The protocol or standard that enables them to communicate with each other, regardless of vendor or physical media, is the Internet Protocol or IP.

IP, often referred to as TCP/ IP, is a suite of different protocols that are used to interconnect devices within a network. While IP may be seen by many as a black art exclusively for techno-geeks, due to the convergence that is occurring in many areas such as voice communications and physical security, it has become necessary for PBX technicians and security installers to have a greater understanding of how today’s IT networks work. This is not just limited to IP but also to the underlying physical media as the application for different media in an IP network may be quite different to that of an analog installation. The good news is that while there are plenty of individuals and organizations that profit from making networking out to be a black-art that is complex and difficult, the reality is that with the basic understanding of how networks work, it’s not as difficult.

There are two primary protocols that are used within the IP protocol suite – Transmission Control Protocol or TCP and User Datagram Protocol or UDP. TCP can be seen as similar to a voice conversation on a telephone where a call is established, and information is transmitted and acknowledged until there is no further information to be transmitted, or where the call is torn down. If the information is lost, an acknowledgment is not received and the information is resent. UDP is more akin to a letter that is sent by post where the information is encapsulated and sent across the network, and if all goes well, the information will arrive at its intended destination, but there are no guarantees.

TCP is ideal for the transmission of lots of information where the accuracy of the information is important. Examples of applications that use TCP include Web traffic (using the HTTP protocol) and email (using the SMTP protocol). UDP is ideal for the transmission of real-time information such as

voice (using the SIP protocol) and video (using protocols like RTP). The primary reason for using UDP over TCP for realtime transmission is that if information is lost, there is little point in asking for it to be retransmitted as it is no longer relevant; and with a well-designed network using equipment from a reputable networking vendor, the probability of errors is extremely low.

In order to design an IP network for a security system or solution, there are many points/ questions that need to be asked/ addressed:

Do the applications use unicast or multicast system for the transmission of information?

If CCTV is in use – how many cameras, which frame rate, and what resolution of the cameras will be used?

Do the end-points require POE (802.3af) or POE+ (802.3at) or even POE++ (802.3bt), and if so, what POE class do the devices belong to?

What speed does each of the endpoints connect at?

Is the given installation new or an upgrade, or extension of an existing system, and what physical media exists or has been proposed?

What level of redundancy (interface, link, power, device, site) is required from the network?

While this list may sound extensive, there is a reason for asking each question and the answer will better enable the network to be dimensioned.

When designing a network, it is beneficial to create a virtual LAN (VLAN) for each different application in use on the network. This separation reduces the number of devices in any given VLAN which reduces the amount of broadcast traffic and improves performance and also ensures that if one application is misconfigured or misbehaves, it is less likely to affect other applications using the network.

Unicast traffic is similar to a voice conversation between two people where information is sent from one to another. This is the kind of traffic that is used between a workstation and the server when retrieving a file. Multicast traffic is similar to a magazine subscription where specific information is sent to specific recipients of that information but not others. Multicast traffic is often used by CCTV applications as the bandwidth consumed across the network remains relatively constant regardless of the number of viewers of a camera. In unicast traffic, as the number of viewers increases so does the bandwidth

used across the network. Multicast traffic is also used in IP intercom platforms where the same traffic needs to be delivered to a number of endpoints. It is important to understand that the multicast traffic needs to be supported as it affects the way the network needs to be configured, and particular attention needs to be paid to the number of devices sending and receiving the traffic

Video generated by CCTV systems consumes by far the greatest amount of bandwidth of any application likely to be deployed across a network. The consumed bandwidth is dependent on the number of cameras connected, their frame rates, and the resolution of the cameras. For cameras using 4CIF at 25 frames per second, bandwidth anywhere in between 2.5 and 4Mbps is needed to be allowed for; and for megapixel cameras operating at 25 frames per second, it can easily increase to 12 to 20Mbps.

Power-over-Ethernet removes the requirement for separate power cabling to a device. All PoE devices advertise a ‘class’ that advises the network on the maximum amount of power that device will draw. It is important that the PoE class for each different type of device is known in order to ensure appropriate network switches are selected. While it is common to connect laptops and workstations at 1Gbps, many devices used within security networks support only 100Mbps. In these cases, there is little benefit in using network switches that support 1Gbps at the edge, as this will only increase the cost of the solution. Physical media may exist or may also need to be installed.

Having knowledge of what media exactly exists and where it runs, is important to ensure that appropriate networking devices are chosen. If the media doesn’t exist, it is beneficial to run any backbone infrastructure in a ring topology to improve the availability of the entire solution.

A security system is not particularly useful if a single failure causes the entire system to fail. For this reason, redundancy needs to be integrated into the solution. Increasing the redundancy of a system will also increase the cost, so it is important to understand what level of redundancy is required.

Lastly, consideration needs to be given to how the system is deployed and managed over time, which ensures autonomous technology is integrated into the network that reduces the burden of network management and improve consistency and security will also reduce the total cost of ownership of the system as a whole. As a vendor with over 15 years’ experience in the delivery of networks to support building services and other embedded applications, engaging with Allied Telesis will ensure you are networking smarter.